In the last section, we discussed three risks in which ethical boundaries could be broken due to the sharing of HIPAA approved information on the internet. These risks for boundary breaking due to the sharing of HIPAA approved information on the internet include: nationwide database; hackers; and errors in correspondence.
In this section, we will examine three changes in ethical boundaries in regards to the disclosure of raw test-data. These three test-data boundary changes include: shift in standards; effects of HIPAA; and protecting test security.
3 Test-Data Boundary Changes
♦ Change #1 Shift in Standards
The first test-data boundary change includes a shift in standards. Prior to the application of changes to HIPAA in 2003, test-data requested under subpoena was strongly defended by the APA against any disclosure. For instance, such tactics as objections and arguments to protect the security of tests and data including raising technical points about jurisdiction and validity, denying control of records and asserting various privileges.
More specifically, unless an expert was analyzing the data, therapists run the risk of misinterpretation of valuable information that could be used to mislead. However, subsequent to June 1, 2003, the standards of protecting raw test data have significantly changed. Under the APA 2002 Ethics Code, if the client authorizes release of the raw data to someone unqualified to interpret it, the therapist is no longer required, but may refrain from doing so.
The burden seems to shift to the therapist to show how substantial harm, abuse, or representation will flow from that release. Because of this, it is becoming much more difficult to avoid contempt of court when refusing information, so the general "rule of thumb" is to comply with the court’s request. One of the main motives for this change lies in the difficulty regarding enforcing the previous policy. Also, questions arose about a consensus for who exactly was a valid expert that could legitimately interpret the data given to them.
Think of your practice. How did this shift in standards affect your views on raw test data?
♦ Change #2 Effects of HIPAA
The second test data boundary change includes the effects of HIPAA. During the development of the legislation, many practitioners argued for the same categorization of test data as notes. Under this change, no one could have access to data. However, this motion was denied, and test data became more easily accessible with the client’s permission.
Because the clients now have much more control over their own test data, including the right to inspect, receive copies of, and authorize release of their Protected Health Information, including all test data, to third parties, a prohibition on the disclosure of test results would be contradictory to client consideration. These changes leave very few options open for clinicians to protect test data.
3 Options to Protect Test-Data
These options include:
Never record test data in the same place where test stimuli or items are reproduced, and keep all test materials out of the clinical record.
Attempt to obtain permission from the client or client’s representative to reproduce a redacted version of the test data, with the information concerning the stimuli or other test materials masked or removed.
Provide required access to the test stimuli or items when it is inextricable from the test data, but look for other means to protect that security of data.
However, all of these present more complications, problems, and unlikely practice. Can you think of any other way to protect your test results?
♦ Change #3 Protecting Test Security
In addition to shift in standards and effects of HIPAA, the third data boundary change involves protecting test security. Because I, like you, would like to keep my research results, I follow a certain procedure to do so. Prior to assessment for clinical purposes, I obtain informed consent explaining the nature and purpose of the assessment. I then provide an opportunity for questions. Following assessment, I provide an explanation of results to the client.
When such feedback has been provided with sufficient sensitivity and detail, it is unlikely that I will often be pestered with demands for copies of all the protocols and other raw data. When asked for such, it is permissible under HIPAA as well as the Ethics Code to propose various alternatives to a direct inspection of the test data, including offering a verbal explanation or written summary of the results, as long as this is acceptable to the client.
Certainly when the testing is of a sort in which overexposure to the test materials can obviously lead to practice effects and invalidate future testing, only the most intractable or hostile client will demand to copy entire protocols containing test stimuli or items. Also keep in mind that although the client has the right to inspect or copy clinical records for personal use, this does not also permit the client to publish copyrighted material without the permission of the copyrighted holder.
You might want to provide your client with a notice to sign advising him or her that these materials are being provided only for applicable health care purposes and the client’s personal use and that the test publisher, as owner of the copyright, has the rights to control their reproduction
In this section, we discussed three changes in ethical boundaries in regards to the disclosure of raw test data. These three test data boundary changes include: shift in standards; effects of HIPAA; and protecting test security.
In the next section, we will examine three controversies created by HIPAA and its possible breach of privacy boundaries. These three HIPAA privacy controversies include: governmentally accessed information; contradictory language; and employer access.
Peer-Reviewed Journal Article References:
American Psychological Association, Science Directorate, Committee on Psychological Tests & Assessment. (1996). Statement on the disclosure of test data. American Psychologist, 51(6), 644–648.
Barnett, J. E. (2011). Psychotherapist self-disclosure: Ethical and clinical considerations. Psychotherapy, 48(4), 315–321.
Committee on Legal Issues, American Psychological Association. (2006). Strategies for private practitioners coping with subpoenas or compelled testimony for client records or test data. Professional Psychology: Research and Practice, 37(2), 215–222.
Pierce, B. S., Perrin, P. B., & McDonald, S. D. (2020). Pre-COVID-19 deterrents to practicing with videoconferencing telepsychology among psychologists who didn't. Psychological Services. Advance online publication.
Raja, S., Rabinowitz, E. P., & Gray, M. J. (2021). Universal screening and trauma informed care: Current concerns and future directions. Families, Systems, & Health. Advance online publication.
Rigg, T. (2018). The ethical considerations of storing client information online. Professional Psychology: Research and Practice, 49(5-6), 332–335.
Ethics CEU QUESTION 6
What are three changes in boundaries in regards to the disclosure of raw test data? To select and enter your answer go to .